Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.

Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.

Protecting your home and office in the era of IoT

1.
Protecting Protecting
your home and office your home and office
in the era of IoTin the era of IoT
Marian HackMan MarinovMarian HackMan Marinov
Chief System ArchitectChief System Architect
SiteGround.comSiteGround.com

11.
❖❖ IoT Security?IoT Security?
* most of the WiFi/Radio/Bluetooth IoT devices* most of the WiFi/Radio/Bluetooth IoT devices
have poor securityhave poor security

12.
❖❖ IoT Security?IoT Security?
* most of the WiFi/Radio/Bluetooth IoT devices* most of the WiFi/Radio/Bluetooth IoT devices
have poor securityhave poor security
- manufacturers were more concerned with- manufacturers were more concerned with
usabilityusability

13.
❖❖ IoT Security?IoT Security?
* most of the WiFi/Radio/Bluetooth IoT devices* most of the WiFi/Radio/Bluetooth IoT devices
have poor securityhave poor security
- manufacturers were more concerned with- manufacturers were more concerned with
usabilityusability
- the HW does not allow them to do a lot more- the HW does not allow them to do a lot more

14.
❖❖ IoT Security?IoT Security?
* most of the WiFi/Radio/Bluetooth IoT devices* most of the WiFi/Radio/Bluetooth IoT devices
have poor securityhave poor security
- manufacturers were more concerned with- manufacturers were more concerned with
usabilityusability
- the HW does not allow them to do a lot more- the HW does not allow them to do a lot more
- use of default passwords is widespread- use of default passwords is widespread

17.
❖❖ IoT Security?IoT Security?
- >5000 IoT devices attack their own network- >5000 IoT devices attack their own network
http://www.zdnet.com/article/how-iot-hackers-turned-a-universitys-network-agaihttp://www.zdnet.com/article/how-iot-hackers-turned-a-universitys-network-agai
nst-itself/nst-itself/
- security of the low cost devices is almost non-- security of the low cost devices is almost non-
existentexistent
- and to top all that, there is the Shodan search- and to top all that, there is the Shodan search
engine, which helps to search for such devicesengine, which helps to search for such devices

18.
❖❖ The number of attacks made by IoT devicesThe number of attacks made by IoT devices
is increasing while businesses and customersis increasing while businesses and customers
are searching for easier to use devices...are searching for easier to use devices...

19.
❖❖ Most of the IoT devices work in "The Cloud"Most of the IoT devices work in "The Cloud"
- your data is as secure as the company that- your data is as secure as the company that
keeps itkeeps it
- your devices are sharing information with- your devices are sharing information with
other companies via APIsother companies via APIs
- some of your devices can not function without- some of your devices can not function without
"The Cloud""The Cloud"

20.
❖❖ IoT device updatesIoT device updates
- some of these devices get no updates- some of these devices get no updates
- most of the Chinese devices will NEVER get- most of the Chinese devices will NEVER get
software updatessoftware updates
- some of the very small IoT devices don't even- some of the very small IoT devices don't even
have a mechanism for over the air upgradehave a mechanism for over the air upgrade
- a lot of the devices that do support updates,- a lot of the devices that do support updates,
do not have a mechanism to actually verify thedo not have a mechanism to actually verify the
update images, so anyone can provide falseupdate images, so anyone can provide false
imagesimages

21.
❖❖ IoT as TrojansIoT as Trojans
- single compromised IoT device can be used to- single compromised IoT device can be used to
circumvent company firewalls and open yourcircumvent company firewalls and open your
networks to a lot of different attacksnetworks to a lot of different attacks

22.
❖❖ A lot of these missing security features areA lot of these missing security features are
because adding the security would actuallybecause adding the security would actually
introduce complexity for the customersintroduce complexity for the customers

23.
❖❖ Once compromised the devices are no longerOnce compromised the devices are no longer
under your controlunder your control

24.
❖❖ Sometimes compromised devices maySometimes compromised devices may
remain under your control but simply waitingremain under your control but simply waiting
for a command by the C&C serversfor a command by the C&C servers

25.
❖❖ What am I doing to protect my selfWhat am I doing to protect my self
and to protect the Internet from me?and to protect the Internet from me?

26.
❖❖ I personally, try to avoid devices that requireI personally, try to avoid devices that require
access to the manufacturer's sitesaccess to the manufacturer's sites

27.
❖❖ I personally, try to avoid devices that requireI personally, try to avoid devices that require
access to the manufacturer's sitesaccess to the manufacturer's sites
❖❖ This prevents the possibility of remotelyThis prevents the possibility of remotely
disabling or changing my devicedisabling or changing my device

28.
❖❖ Every new device I connect to my network isEvery new device I connect to my network is
given static IP addressgiven static IP address

29.
❖❖ Every new device I connect to my network isEvery new device I connect to my network is
given static IP addressgiven static IP address
❖❖ Every device is initially firewalledEvery device is initially firewalled

30.
❖❖ Every new device I connect to my network isEvery new device I connect to my network is
given static IP addressgiven static IP address
❖❖ Every device is initially firewalledEvery device is initially firewalled
❖❖ I check what are the addresses that it needsI check what are the addresses that it needs
and allow only themand allow only them

31.
❖❖ Every new device I connect to my network isEvery new device I connect to my network is
given static IP addressgiven static IP address
❖❖ Every device is initially firewalledEvery device is initially firewalled
❖❖ I check what are the addresses that it needsI check what are the addresses that it needs
and allow only themand allow only them
❖❖ I do not allow traffic to devices that do notI do not allow traffic to devices that do not
require thatrequire that

32.
❖❖ Every new device I connect to my network isEvery new device I connect to my network is
given static IP addressgiven static IP address
❖❖ Every device is initially firewalledEvery device is initially firewalled
❖❖ I check what are the addresses that it needsI check what are the addresses that it needs
and allow only themand allow only them
❖❖ I do not allow traffic to devices that do notI do not allow traffic to devices that do not
require thatrequire that
❖❖ When I need to update the SW or FW of theWhen I need to update the SW or FW of the
device I allow them Internet accessdevice I allow them Internet access

33.
❖❖ Every new device I connect to my network isEvery new device I connect to my network is
given static IP addressgiven static IP address
❖❖ Every device is initially firewalledEvery device is initially firewalled
❖❖ I check what are the addresses that it needsI check what are the addresses that it needs
and allow only themand allow only them
❖❖ I do not allow traffic to devices that do notI do not allow traffic to devices that do not
require thatrequire that
❖❖ When I need to update the SW or FW of theWhen I need to update the SW or FW of the
device I allow them Internet accessdevice I allow them Internet access
❖❖ After upgrade I test what the device is tryingAfter upgrade I test what the device is trying
to access againto access again

34.
❖❖ I would never give internet access to VoiceI would never give internet access to Voice
and Video devicesand Video devices

36.
❖❖ A lot of surveillance give you false sense ofA lot of surveillance give you false sense of
security by providing you user/passwordsecurity by providing you user/password
prompts, but their video streams are protectedprompts, but their video streams are protected
with DEFAULT users and passwordswith DEFAULT users and passwords

37.
❖❖ In 2015 unprotected baby monitors leakedIn 2015 unprotected baby monitors leaked
audio and video conversations by unsuspectingaudio and video conversations by unsuspecting
familiesfamilies
❖❖ In 2016 unprotected IP camera helped toIn 2016 unprotected IP camera helped to
schedule the best time for burglary in someschedule the best time for burglary in some
companies and homes in the UScompanies and homes in the US

38.
❖❖ There are currently around 6 billion internet-There are currently around 6 billion internet-
connected devices in use worldwide, and thatconnected devices in use worldwide, and that
figure is predicted to soar to over 20 billion byfigure is predicted to soar to over 20 billion by
2020, according to research by consultancy2020, according to research by consultancy
Gartner.Gartner.

39.
❖❖ The EU tries to battle these security threatsThe EU tries to battle these security threats
by introducing new laws for IoT devicesby introducing new laws for IoT devices

40.
❖❖ Keep in mind that security IS a process andKeep in mind that security IS a process and
not a statenot a state

41.
❖❖ Keep in mind that security IS a process andKeep in mind that security IS a process and
not a statenot a state
❖❖ A device that is SECURE today, may beA device that is SECURE today, may be
UNSECURE tomorrowUNSECURE tomorrow